Governance policies are the codification of unwanted access conditions, such that these conditions may be detected or prevented.
Separation of Duties, or SoD, is a type of governance policy that specifically codifies conflicting sets of access. Typically, SoD policies are used to detect or prevent access conditions that may allow potentially fraudulent activity, by ensuring that a single individual is not responsible for all parts of a transaction or process. A common example is an SoD policy that does not allow someone to both approve and make vendor payments. Another example would be an SoD policy that does not allow someone to both change and deploy code to production environments.
Therefore, the difference between SoD and governance policies is that SoD is a type of governance policy used to codify unwanted (or "toxic") combinations of access.
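As an added illustration (not part of the original text and not any product's implementation), the Python example below codifies the two SoD examples above as pairs of conflicting access sets, then runs a detective check over existing assignments and a preventive check on a new access request. The entitlement names, identities and function names are constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SoDPolicy:
    name: str
    left: frozenset   # one side of the conflict
    right: frozenset  # the side that must not be combined with it

# Constructed policies mirroring the two examples in the text.
POLICIES = [
    SoDPolicy("vendor-payments",
              frozenset({"approve_vendor_payment"}),
              frozenset({"make_vendor_payment"})),
    SoDPolicy("prod-code",
              frozenset({"change_code"}),
              frozenset({"deploy_to_production"})),
]

def violations(access, policies=POLICIES):
    """Return (policy, left hits, right hits) for every policy this access set violates."""
    access = set(access)
    found = []
    for p in policies:
        left_hits, right_hits = access & p.left, access & p.right
        if left_hits and right_hits:  # toxic only when both sides are held
            found.append((p.name, sorted(left_hits), sorted(right_hits)))
    return found

def detect(assignments, policies=POLICIES):
    """Detective control: scan existing {identity: entitlements} for violations."""
    return {who: v for who, acc in assignments.items()
            if (v := violations(acc, policies))}

def would_violate(current, requested, policies=POLICIES):
    """Preventive control: violations that granting `requested` would newly create."""
    already = {v[0] for v in violations(current, policies)}
    after = violations(set(current) | {requested}, policies)
    return [v for v in after if v[0] not in already]

# Constructed sample assignments.
ASSIGNMENTS = {
    "alice": {"approve_vendor_payment", "change_code"},
    "bob": {"change_code", "deploy_to_production"},
    "carol": {"make_vendor_payment"},
}

if __name__ == "__main__":
    print("existing violations:", detect(ASSIGNMENTS))
    print("alice requests make_vendor_payment:",
          would_violate(ASSIGNMENTS["alice"], "make_vendor_payment"))
```

Holding one side of two different policies, as alice does, is not a violation; only both sides of the same policy are.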